package com.dayuanit.dy17.atm.atmbackoffice.controller;

import com.dayuanit.dy17.atm.atmbackoffice.dto.ResponseDTO;
import com.dayuanit.dy17.atm.atmbackoffice.entity.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;

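/**
 * Base class for back-office controllers.
 *
 * <p>Provides access to the id of the user bound to the current Shiro subject and a
 * shared handler that turns Shiro's {@link UnauthorizedException} into a failure
 * {@link ResponseDTO}.
 */
public abstract class BaseController {

    // Shared by subclasses; the logger is named after BaseController, so log lines
    // written through it carry this class's name rather than the concrete controller's.
    protected static final Logger logger = LoggerFactory.getLogger(BaseController.class);

    /**
     * Returns the id of the {@link User} stored as the principal of the current Shiro subject.
     *
     * <p>Fails closed: when the subject has no principal (for example an anonymous or
     * expired session reaching a handler) or the principal is not a {@link User}, the
     * request is rejected with {@link UnauthorizedException} instead of surfacing a
     * {@code NullPointerException} or {@code ClassCastException}.
     *
     * @return the id of the current user
     * @throws UnauthorizedException if no {@link User} principal is bound to the current subject
     */
    protected long getUserId() {
        Subject subject = SecurityUtils.getSubject();
        Object principal = subject.getPrincipal();
        // instanceof is false for null, so this covers both "no principal" and "unexpected principal type".
        if (!(principal instanceof User)) {
            throw new UnauthorizedException("No authenticated User principal is bound to the current subject");
        }
        return ((User) principal).getId();
    }

    /**
     * Handles {@link UnauthorizedException} raised while serving a request.
     *
     * <p>The exception, including its message and stack trace, is written to the server
     * log only; the caller receives a fixed, generic message so that details of the
     * failed authorization check are not exposed in the response.
     *
     * @param e the authorization failure
     * @return the value of {@code ResponseDTO.fail} for the fixed "no permission" message
     */
    @ResponseBody
    @ExceptionHandler(UnauthorizedException.class)
    public ResponseDTO processUnauthorizedException(UnauthorizedException e) {
        logger.error(e.getMessage(), e);
        return ResponseDTO.fail("你无权操作");
    }
}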
